Premium Essay

Nt1330 Unit 3 Assignment 1

Submitted By
Words 715
Pages 3
Introduction
This document contains instructions for configuring single sign-on (SSO) for IBM Content Navigator with a FileNet P8 repository by using SPNEGO/Kerberos on IBM WebSphere Application Server.

Configure your SSO environment

1. Add a new user ID for the application server to the Active Directory domain. You can use any user name and password. This user ID is reserved for the WebSphere Application Server instance as the Service Principal Name (SPN) that is used to authenticate to Active Directory. (alabamaccount1)
2. Assign the Service Principal Name (SPN) to the Active Directory user and map the SPN to the HTTP Server by running the following command setspn -a HTTP/ussltcsnw7012 albamaccount1 setspn -a HTTP/ussltcsnw7012.solutions.glbsnet.com albamaccount1 …show more content…
Create the keytab file by running the following command from the command line on the Active Directory server: ktpass -out krb5wpxt.keytab -princ HTTP/ussltcsnw7012.solutions.glbsnet.com@SOLUTIONS.GLBSNET.COM -mapuser albamaccount1 -pass Esrsaal15d -ptype KRB5_NT_PRINCIPAL
4. Create a Kerberos configuration file. The Kerberos configuration file, krb5.conf or krb5.ini, contains all of the information that WebSphere Application Server needs to authenticate itself with Active Directory and to authenticate Kerberos clients by using the SPNEGO protocol.
a. Copy the keytab file that you created from the Active Directory server to a directory on the application server where you will deploy IBM Content Navigator.
b. Start WebSphere Application

Similar Documents

Premium Essay

Nt1330 Unit 3 Assignment 1

...Marthe Francois NURSE4420 Unit 3 Assignment 1 I believe that customer satisfaction is an important aspect of a good quality company. For example, when a client comes to your company and you don’t satisfy the client well enough, he can give you a bad review to his peers and friends. His friends could have a lot of influence and when your company gets bad reviews, you start to lose profit and clients in general. If your clients are very satisfied with you, they can recommend you to their friends and they can give you more customers so that your company or organization can grow economically and socially. Assignment 2 One way that certain groups are tested on for benchmarking performance is efficiency in their task that their job gives them. Efficiency is important in my organization as it can either save a person’s life or kill them. They are tested to see if they can handle the anxiety and workload of the environment while doing multiple things at once. FDU and the Henry P. Becton School of Nursing & Allied Health use the...

Words: 558 - Pages: 3

Premium Essay

Nt1330 Unit 3 Assignment 1

... Active Directory information will be reproduced effectively between the LA and NY logistics. One of the reasons why there will be at least one member of the IT department in New York, is so that the IT department may expand network infrastructure whenever necessary. If there were a lack of IT support on site in New York and GAI had no need for such an expansion, then there would be a possible justification for Server 2012 Read-Only Domain Controllers. Instead there will be a domain controller at each location with writable capability established. The Organizational Units (OU) which constitute domain configuration are as follows: • Executives • Accounts & Sales • IT • Creative Media Production • Human Resources & Finances The privileges for all users accounts, including print servers, network access, and read-write privileges will be established during their Active Directory login creation and OU assignment. These will be modified by system administrators on an ad-hoc basis. Members of the IT OU will maintain the advanced permissions necessary for setup and troubleshooting of Active Directory and OU. The five OUs will be organized with their own security groups, complete with email support for purposes of distribution via listing. It is recommended that Universal Security Groups also be used to mitigate access with regard to OU permissions and file access. It is assumed that security operations policy will be provided, in order to secure certain information which only...

Words: 1121 - Pages: 5

Premium Essay

Nt1330 Unit 3 Assignment 1

...Question 1 1) The specification of security measurement of my laptop. 1.1) Window 7 Operating System password • Window 7 Operating System password are used to protect computer from hacker or other unwelcome user and unauthorized. It is a first layer defense of my computer security. Creating a strong password are very important to make sure our password are unpredictable and hard to be cracked by hacker. In crating this password I use a combination of word and number to make it stronger I also use about 6 to 8 character. • Example of Strong password : Abc123W 1.2) Microsoft Security Essentials • Microsoft security Essentials are one of utility software or anti-virus software. This software can scan, detect, and remove a few threat such as worm, virus, spyware, malware, and other unwanted software from our computer. Mostly this software are provided by window. It mean every original window will be provide by this software as it utility or virus protection software. This Software can be automatically scan the threat according to our setting. • Example of Microsoft Security Essentials 2) Types of security approach on how...

Words: 781 - Pages: 4

Premium Essay

Nt1330 Unit 3 Assignment 1

...antivirus. On the left here, you can see there’s another useful linked page on this antivirus which is similar to an application found on default Windows, Event viewer, which is basically the same program is this one, it allows users who access the antivirus to view and monitor conversations between applications and the system. With this program, comes a hierarchy of threat levels, Detection being the lowest level of attention required, to the Error level, in which a program has failed to perform a task which it considers is important. Upon clicking these listed events, more information appears, giving details on why an error may be occurring, allowing users to successfully fix the problem, or at least narrow down where it’s developing. Task 1 - M2 Explain the procedures applied to each group to authenticate access to files and folders on the network and on web site. Permission groups are positioned within the network, with these permission groups, users are placed inside, with the lowest level of security clearance within the network being handed to temporary accounts and accounts with limited quantities of privileges, while accounts with high clearance, such as administrators, have access to most features on the network, from modifying account aspects, to less technical aspects as monitoring bandwidth usage of users and the handling of these users’ data. There are four main approaches a network manager may take on authenticating its users to access files and other data on the...

Words: 1225 - Pages: 5

Premium Essay

Nt1330 Unit 3 Assignment 1

...1 Introduction User's privacy has been an issue of great interest for most people. There is a growing concern over how a user's information can be accessed and used without the user's knowledge nor his consent. On networks this has given rise to privacy control settings on social media to proxy servers to onion routing systems like Tor to ensure that the user has the ability to maintain his privacy online. This concern also extends towards the execution of processes on a user's machine. There is a lot of data of the user's activity that persists on the user's personal system itself for an attacker to take advantage of. A user may want to ensure that any data produced during the execution of any particular application should not be recoverable in any way. Thus it is absolutely critical that privacy concerns must first and foremost be addressed on a user's local system. Research into this area has lead researchers to develop a system call PrivExec[3] that can be used to execute any particular application privately with absolutely no records left behind of it's execution. While this approach may have given user's a solution to their privacy concerns it has at the same time given attackers a tool to cover their tracks. Attackers now have the ability to execute malicious code on systems without...

Words: 1116 - Pages: 5

Premium Essay

Nt1330 Unit 3 Assignment 1

...Reverse engineering is basically going to previous files directory or parent file directory. The attacker will be able to develop a tool which will direct him to source files of webpage. Hence source code can be retrieved from server because of poor designing of application. 3) By knowing the software used by server from response packet, the attacker can launch different types of attack like denial of service, penetration of worm, etc. Attacker can also successfully access data from any file directory in server’s system. 4) HTTP request smuggling attack is used to bypass firewall or other gateways using proxies. In this attack the attacker parses the malicious data, URL or code with the legitimate HTTP packet so that this packet gets access like legitimate packets. 5) HTTP response splitting is an attack in which attacker sends request to server when user sends the request to the server so that server will transmit two response to the user. In this case attacker has control of second response and hence can exploit...

Words: 1279 - Pages: 6

Premium Essay

Nt1330 Unit 3 Assignment 1

...In this module, the shopper sends the question to the server. supported the question the server sends the corresponding file to the shopper. Before this method, the shopper authorization step is concerned.In the server aspect, it checks the shopper name and its countersign for security method. If it's glad then received the queries type the shopper and search the corresponding files within the info. Finally, notice that file and send to the shopper. If the server finds the entrant means that, it set the choice Path to those entrant. 5.2. System Module 5.2.1 User: Users, WHO have information to be hold on within the cloud and have confidence the cloud for information computation, contains each individual customers and organizations. 5.2.2 Cloud Service supplier (CSP): A CSP, WHO has vital resources and experience in building and managing distributed cloud storage servers, owns and operates live Cloud Computing systems. 5.2.3Third Party Auditor (TPA): An optional TPA, WHO has experience and capabilities that users might not have, is trustworthy to assess and expose risk of cloud storage services on behalf of the users upon request. 5.3 Cloud information storage Module: Cloud information storage, a user stores his information through a CSP into a group of cloud servers, that square measure running during a cooccurring, the user interacts with the cloud servers via CSP to access or retrieve his information. In some cases, the user might have to perform block level operations on...

Words: 751 - Pages: 4

Premium Essay

Nt1330 Unit 3 Assignment 1

...Protect Password With Pass Word State To Protect Very Safely Protecting password is just an important thing which ensures your personal data safety. In order to protect your password from unauthorized access, you need to approach pass word management software solution. As there are more services to fulfill the same demand, you need to be very selective. For example, you can approach passwordstate. It is an on premise solution for password management. It always offers a dynamic approach to secure your information which you need to protect them in very sensitive way. Role based administration and end to end event auditing provides you secured storage and collaboration platform. Using their web based password manager software; one can protect corporate or personal privileged accounts, documents and digital identities over here. In order to stay unique on their service, they use 256 bit AES encryption. One can expect storage from them in secure and safe way. With their presence on your mind, you can expect secure storage, sharing and password reset. Able To Share, Store And Reset Password In Any Place: Passwordstate is also particular for providing range of features including discovering accounts and resources on network. They will provide an API for integrating own scripting environment, mobile client, browser extensions for logging in websites. As they are able to store, share and reset password in any places, you can use them to protect your enterprise password. Whatever may be...

Words: 439 - Pages: 2

Premium Essay

Nt1330 Unit 3 Assignment 1

...provided great benefits, such as time saving, cost-effectiveness and scalability as on the other hand, this technology is facing a numerous number of issues and challenges where the privacy and security issues are considered as the most challenging ones. Therefore, the research trend is to protect data integrity, privacy and confidentially in the cloud computing even from the cloud providers themselves and also enable cloud users to add more control of their data security policies in the cloud. The proposed solutions for enhancing data security and privacy in cloud computing have different directions such as Trusted Computing (TC), Data Centric Approach (DCS) and cryptography algorithms for improving security of data in the cloud. Chapter 3: Cryptography and its………………. 3.1 Introduction As we all know that the use of the internet is growing up and the speed of data transfer over the internet is increasing too, especially after the invention and use of Fibernet as a data transfer medium. Gradually a lot of people have moved to using online data storage, so that they can access their data from anywhere in the world. Furthermore, online backup techniques lower the risk of losing any kind of data even when the local machine or system crashes. As we know that one of the most feasible solutions is data storage in cloud computing. It is a requirement and very basic feature that data should be stored securely in the cloud, i.e., the cloud storage facility should ensure privacy, integrity...

Words: 1702 - Pages: 7

Premium Essay

Nt1330 Unit 3 Assignment 1

...First of all, I want to say thanks to the Office of Personnel Management for hiring me to determine what threat vector compromised the network. My fist step in conducting this Penetration testing would be to search for information on this organization because I want to see what information is out there that a hacker might have benefited from. To complete this task I would use the site "Whois.net", the site "Netcraft" and some search engine skills.By searching the organization's domain name in the whois.net interface I can find running name servers and their respective IP addresses. Netcraft, on the other hand, would allow me to gain significant information about the organization such as the type of OS this corporations computer's run, the DNS admin domain name, name server, and IPv6 address if any. Searching for specific information about this organization by utilizing search engine skills can provide me with important information on this organization, such as emails addresses and a more extensive list of IP addresses. This attacker might have compromised the network by sending out phishing attacks to employees emails so I will utilize a tool called "the Harvester which will allow me to catalog email addresses and subdomains related to the organization. With my expertise and the use of these tools, I will gather as much information as possible because this will guarantee a more successful Penetration Test. After I have gathered all this information I would then pass to the...

Words: 628 - Pages: 3

Premium Essay

Nt1330 Unit 3 Assignment 1

...An error message might keep on appearing on a Windows XP PC. After you have installed Microsoft Office, Professional 2000, when you use the Microsoft Office application, an error is displayed. The message specifically appears at the time of sending an email. The error message shows that the file wab32.dll is missing from the system. This problem might be due to incompatibility of the program with your system. Try to install the version of the application that is compatible. Now, also use the System File Checker scan so the missing files such as wab32.dll can be replaced on the system. There might be some issues while installing Windows Vista Service Pack 2. After a number of attempts has been taken to install it, a message is displayed showing!!0xc0190036!! 2688/58745(wab32.dll). The error tab does not state anything as such except the code and the file name. In order to fix this problem, you can uninstall and then reinstall the entire suite of application. After this is done, a prompt appears showing that Microsoft office must be installed. In order to solve this problem, copy the file wab32.dll from System folder and then paste it to system32 folder. There can be a problem with the setting up of email. The problem shows for both Microsoft Office Outlook as well as for Windows Live Mail. A message is displayed on screen showing that an error have occurred while opening wab32.dll. This message keeps on appearing on a Windows 7 PC. The problem might be due to the missing or...

Words: 839 - Pages: 4

Premium Essay

Nt1330 Unit 3 Assignment 1

...sent off. Emails would also require authentication of user certificate before being sent from the users account, verified while the CAC card is still inserted within the machine. 2. The security solution that I am recommending impacts the threat by requiring additional authentication that the sender must provide. While it is not full proof it requires that the sender provide more than just a pin number or username and password. These additional steps should provide ample time to identify that the user is not who they claim to be. Most hackers are not prepared for additional security procedures. Although a static defense is prone to more study by those who wish to defeat it, developing a more active and mobile form of defense is preferred. 3. The system that I propose can be easily implemented in a timely manner. In step 1a the procedures are simply a change in desktop procedure, which can be established in a matter of days through re-writing. Step 2a can be completed quickly, at least for the first step. Completing the second step might require additional contracting or development of additional software and training, to ensure employees understand the use of the Common Access card. Step 3a can be accomplished in a timely manner by changing email protocols and re-routing email traffic, however, it would be completed when step 2a is. The Common Access card is a powerful security tool that would pay large dividends when applied to the company network. 4. The scope of an attack...

Words: 691 - Pages: 3

Premium Essay

Nt1330 Unit 3 Assignment 1

...It can be quite annoying if the PC is often unresponsive, especially if there is something really important to be done or the user requires instant access to data for someone who is sitting in front of them. The following guidelines could be helpful to make computer faster. Lessen the Number of Applications Installed One of the main causes that slow down the PC is having too many applications installed in it, regardless of the system being used. When games and applications are installed to a computer, some files are stored in the Windows directory structure and a lot of changes happen in the Windows Registry file. Majority of these changes are not promptly obvious to the Windows user. Programs that are redundant repeatedly ask the system to run a maintenance and occupy the hard disk drive, causing Windows to become unacceptably slow to respond. The appropriate removal of these programs needs uninstalling the application by going to the Control Panel – Programs and Features icon. Uninstalling an application or a software instantly after using it can speed up pc. There are also available third party programs that could help to remove applications that don’t have uninstall procedures or don’t completely remove themselves. Stop All Unnecessary Background Processes At the left hand corner of the computer screen, there is a group of small icons called the “system tray” or “notification area.” Every icon corresponds to a program that has been initiated or is just running in the background...

Words: 754 - Pages: 4

Premium Essay

Nt1330 Unit 3 Assignment 1

...is very flexible, as it has the properties of both shared and dedicated hosting. However, a VPS hosting account does not run on a private dedicated server. This means it does have some security risks. Fortunately, you can take steps to protect your website and sensitive data. Here are BLANK ways to secure your Windows VPS account: 1. Regulate User Access—It is important to create user access accounts to prevent unauthorized users from accessing your data. Be sure to create a single account for each user you intend to allow on the platform. You should also create an administrator account for yourself, so that you can monitor usage and set restrictions to other users. An administrator account will also allow you to manage software and applications. 2....

Words: 442 - Pages: 2

Premium Essay

Nt1330 Unit 3 Assignment 1

...Hardening Windows Server 2008 is important because it improves the security of computer systems. The process of enhancing server security will effectively minimize various vulnerabilities and threats. Implementing hardening methods prior to using the server in normal operations will minimize malicious attacks and the chance of compromise. The Microsoft Baseline Security Analyzer (MBSA) is a tool that will provide an assessment of the Windows Server 2008 security configuration. It will scan for Windows administrative vulnerabilities, weak passwords, Internet Information Server (IIS) administrative vulnerabilities, and Structured Query Language (SQL) administrative vulnerabilities. A detailed report of the findings will be generated in the order of severity. This information can be used to fix any possible security problems on the network. After resolving the security issues that were identified by MBSA, you can continue to harden the server by utilizing the Server Configuration Wizard (SCW). The tool’s features can reduce the exposure of attacks by disabling services that are not required and creating security policies tailored to a server’s specific role. In order to enable the appropriate ports and services, you will need to establish roles, client features and administration options. The security policies generated by SCW are Extensible Markup Language (XML) files that configure audit polices, registry values, network security and services. Policies that are already in place...

Words: 481 - Pages: 2